Google Cloud Professional Cloud Security Engineer — Question 73
Your company's Chief Information Security Officer (CISO) creates a requirement that business data must be stored in specific locations due to regulatory requirements that affect the company's global expansion plans. After working on the details to implement this requirement, you determine the following:
✑ The services in scope are included in the Google Cloud Data Residency Terms.
✑ The business data remains within specific locations under the same organization.
✑ The folder structure can contain multiple data residency locations.
You plan to use the Resource Location Restriction organization policy constraint. At which level in the resource hierarchy should you set the constraint?
Answer options
- A. Folder
- B. Resource
- C. Project
- D. Organization
Correct answer: C
Explanation
The correct answer is C, Project, because the Resource Location Restriction organization policy constraint must be set at the project level to effectively control where the business data is stored within the specified locations. Setting it at the folder or organization level would not provide the granularity needed to enforce location restrictions for specific projects, while setting it at the resource level would be too limited.